UEFI clients are capable of booting from HTTP or HTTPS if they are given a valid URL via DHCP filename option. Publishing required files is achieved with module which will publish tftp directory via http and https on /EFI endpoint for HTTP BOOT UEFI and /httpboot for generic http boot (iPXE) with the same content. Because we do lack installer support for this feature for now, few steps are needed to configure Foreman so it servers boot files over http:
- Enable HTTPBoot plugin: in
/etc/foreman-proxy/settings.d/httpboot.yml
set:enabled: true
- Restart services, so config change will take effect:
# foreman-maintain service restart
- In webUI refresh integrated capsules features with Infrastructure -> Capsules -> <foremanâs capsule> -> Refresh features and make sure âHTTPBootâ is now listed in âActive featuresâ there
- Assign this HTTPBoot capsule to to the subnet(s): Infrastructure -> Subnets -> -> Capsules and select the capsule and press âSubmitâ
- Now when creating a host, on âOperating systemâ tab set âPXE Loaderâ to âGrub2 UEFI HTTPâ
This will cause UEFI firmware on provisioned machine to download the following loader according to the settings (assuming that smart-proxy is registered to foreman via standard port 8443 or 9090 for katello setup):
- Smart Proxy HTTPBoot feature set in a Subnet + Grub2 UEFI HTTP:
http://<httpboot_proxy>:8443/httpboot/grub2/grubx64.efi
. (*) - Smart Proxy HTTPBoot feature set in a Subnet + Grub2 UEFI HTTPS:
https://<httpboot_proxy>:8443/httpboot/grub2/grubx64.efi
. - Smart Proxy HTTPBoot feature not set in a Subnet + Grub2 UEFI HTTP:
http://<unattended_url>/httpboot/grub2/grubx64.efi
. - Smart Proxy HTTPBoot feature not set in a Subnet + Grub2 UEFI HTTPS:
https://<unattended_url>/httpboot/grub2/grubx64.efi
. (*)
(*) - these combination will not work since protocol and port will not match. As you can see, this still needs more love. The PXE Loader code needs to be extended to recognize which HTTP and HTTPS ports are used for a given capsule and set that appropriately.
The grubx64.efi
file is being served from well known /var/lib/tftpboot/...
directory.